Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/05f20b2e-a7a8-42fd-92f8-9496233b2c9e/0/3130332e3136382e34342e302f32342d3234203d3e20313432333037.roa
File: 3130332e3136382e34342e302f32342d3234203d3e20313432333037.roa (raw, json)
Hash identifier: BJAdOo0RGebUk8ZnI6ST00lTNYWrEJhZQcWUbVVtqAs=
Subject key identifier: F1:05:76:8B:3F:3C:A8:45:64:8A:96:53:36:D2:6B:59:95:58:C5:0B
Certificate issuer: /CN=60AA01200D121EEEFE22CEFEE76B55720E8D9439
Certificate serial: 1D851DA639C6CC446C040C3FA3B74176F4A09459
Authority key identifier: 60:AA:01:20:0D:12:1E:EE:FE:22:CE:FE:E7:6B:55:72:0E:8D:94:39
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/60AA01200D121EEEFE22CEFEE76B55720E8D9439.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/05f20b2e-a7a8-42fd-92f8-9496233b2c9e/0/3130332e3136382e34342e302f32342d3234203d3e20313432333037.roa
Signing time: Thu 07 Nov 2024 10:00:00 +0000
ROA not before: Thu 07 Nov 2024 09:55:00 +0000
ROA not after: Thu 06 Nov 2025 10:00:00 +0000
asID: 142307
IP address blocks: 103.168.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:85:1d:a6:39:c6:cc:44:6c:04:0c:3f:a3:b7:41:76:f4:a0:94:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60AA01200D121EEEFE22CEFEE76B55720E8D9439
Validity
Not Before: Nov 7 09:55:00 2024 GMT
Not After : Nov 6 10:00:00 2025 GMT
Subject: CN=F105768B3F3CA845648A965336D26B599558C50B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2d:5a:0b:48:81:97:79:55:ce:3f:60:a0:44:
13:27:89:5a:ed:70:ae:22:2b:2d:ca:bf:c3:11:23:
40:2d:fe:15:98:c8:26:9f:eb:0f:5b:8f:29:8e:0d:
7b:73:5f:ff:51:46:29:e9:a5:c9:e4:05:38:84:96:
2c:d5:65:0d:07:58:16:60:63:04:45:30:c2:9f:9a:
14:b8:ba:b4:19:db:d9:25:f7:f5:20:5e:3b:3b:a5:
71:64:32:f5:44:23:d1:ed:a0:20:cb:af:35:76:53:
43:c3:d9:1f:b6:29:8b:19:d4:0e:06:50:a0:6f:6d:
3f:a2:c0:7b:a2:a8:62:4a:ee:c0:70:aa:8c:84:1a:
5c:c3:d6:bf:6a:2f:3a:2f:25:8e:cb:13:75:55:d3:
60:dc:b0:3d:c8:83:cb:05:2f:4c:f9:e5:7c:cd:ec:
d4:01:2e:2c:40:e1:4b:88:6a:ed:c0:ce:64:1a:cf:
b9:5d:02:b0:c0:3d:13:e0:fc:b6:41:b7:b3:bd:39:
42:38:9d:36:34:f9:49:6e:45:a8:fe:3f:d3:72:db:
fc:81:69:f8:af:db:de:02:3f:b3:a9:a4:fa:37:26:
2d:6b:5e:de:30:3e:e5:e0:0a:5c:2e:db:85:71:a1:
e0:a4:5f:e8:b2:03:37:5a:59:37:3b:bc:7a:59:87:
01:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:05:76:8B:3F:3C:A8:45:64:8A:96:53:36:D2:6B:59:95:58:C5:0B
X509v3 Authority Key Identifier:
keyid:60:AA:01:20:0D:12:1E:EE:FE:22:CE:FE:E7:6B:55:72:0E:8D:94:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/05f20b2e-a7a8-42fd-92f8-9496233b2c9e/0/60AA01200D121EEEFE22CEFEE76B55720E8D9439.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/60AA01200D121EEEFE22CEFEE76B55720E8D9439.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/05f20b2e-a7a8-42fd-92f8-9496233b2c9e/0/3130332e3136382e34342e302f32342d3234203d3e20313432333037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.168.44.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:a4:21:37:4c:19:df:5c:f9:7d:5b:62:17:25:a3:13:d0:07:
fe:bc:40:b2:45:ca:91:4c:cc:83:76:da:7b:1c:e3:93:57:d8:
e5:f0:4a:e0:b8:e1:82:86:6c:4e:fe:f4:7b:4a:cb:72:e5:cf:
b4:95:67:8f:da:49:33:a6:d2:b1:b6:3a:35:2a:c5:73:5f:d7:
75:72:d7:53:22:47:c5:19:2d:de:91:03:c2:52:87:96:14:4f:
0d:e4:20:e0:0e:38:f0:81:88:7d:42:fd:c3:8e:8a:f8:4a:46:
3f:3d:a0:16:c7:eb:7f:f9:9d:b0:2d:f7:a1:e1:2a:c9:1a:6a:
b2:3f:72:00:2b:b5:6d:f8:71:55:d3:08:53:cf:a7:3f:ee:7e:
45:65:ef:b6:60:d0:de:b3:08:cd:42:8e:a8:c5:f4:5e:bf:17:
ab:14:13:1a:7c:67:ff:f1:e0:45:a0:8c:72:d2:66:80:11:34:
39:62:ce:6a:4f:18:0d:a3:d7:94:c2:1f:68:0a:bb:1d:7b:96:
d1:04:9c:0f:8f:26:ec:de:0a:19:fa:f9:9e:10:e2:42:8a:1b:
42:de:91:54:8f:57:c5:5c:f7:68:03:64:29:a7:3a:08:d9:b0:
c4:8a:83:2c:5d:a6:88:74:d8:a5:7f:f0:d8:95:13:0c:46:f7:
9a:be:28:b1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUHYUdpjnGzERsBAw/o7dBdvSglFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjBBQTAxMjAwRDEyMUVFRUZFMjJDRUZFRTc2QjU1NzIw
RThEOTQzOTAeFw0yNDExMDcwOTU1MDBaFw0yNTExMDYxMDAwMDBaMDMxMTAvBgNV
BAMTKEYxMDU3NjhCM0YzQ0E4NDU2NDhBOTY1MzM2RDI2QjU5OTU1OEM1MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4LVoLSIGXeVXOP2CgRBMniVrt
cK4iKy3Kv8MRI0At/hWYyCaf6w9bjymODXtzX/9RRinppcnkBTiElizVZQ0HWBZg
YwRFMMKfmhS4urQZ29kl9/UgXjs7pXFkMvVEI9HtoCDLrzV2U0PD2R+2KYsZ1A4G
UKBvbT+iwHuiqGJK7sBwqoyEGlzD1r9qLzovJY7LE3VV02DcsD3Ig8sFL0z55XzN
7NQBLixA4UuIau3AzmQaz7ldArDAPRPg/LZBt7O9OUI4nTY0+UluRaj+P9Ny2/yB
afiv294CP7OppPo3Ji1rXt4wPuXgClwu24VxoeCkX+iyAzdaWTc7vHpZhwHBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU8QV2iz88qEVkipZTNtJrWZVYxQswHwYDVR0j
BBgwFoAUYKoBIA0SHu7+Is7+52tVcg6NlDkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NWYyMGIyZS1hN2E4LTQyZmQtOTJmOC05NDk2MjMzYjJjOWUvMC82MEFBMDEyMDBE
MTIxRUVFRkUyMkNFRkVFNzZCNTU3MjBFOEQ5NDM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjBBQTAxMjAwRDEyMUVFRUZFMjJDRUZFRTc2QjU1NzIwRThE
OTQzOS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA1ZjIwYjJlLWE3YTgtNDJmZC05
MmY4LTk0OTYyMzNiMmM5ZS8wLzMxMzAzMzJlMzEzNjM4MmUzNDM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMyMzMzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6gsMA0GCSqG
SIb3DQEBCwUAA4IBAQC4pCE3TBnfXPl9W2IXJaMT0Af+vECyRcqRTMyDdtp7HOOT
V9jl8ErguOGChmxO/vR7Ssty5c+0lWeP2kkzptKxtjo1KsVzX9d1ctdTIkfFGS3e
kQPCUoeWFE8N5CDgDjjwgYh9Qv3Djor4SkY/PaAWx+t/+Z2wLfeh4SrJGmqyP3IA
K7Vt+HFV0whTz6c/7n5FZe+2YNDeswjNQo6oxfRevxerFBMafGf/8eBFoIxy0maA
ETQ5Ys5qTxgNo9eUwh9oCrsde5bRBJwPjybs3goZ+vmeEOJCihtC3pFUj1fFXPdo
A2QppzoI2bDEioMsXaaIdNilf/DYlRMMRveaviix
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:34:24 2025 by rpki-client